Instagram User Passwords Exposed Due to Flawed Download Tool

Instagram has issued a warning that the password details of some of its users had been exposed due to a security leak.

Oddly, this breach happened because of a problem in the ‘Download Your Data’ tool, which Instagram included in the platform to enable users to download a copy of their personal data for GDPR compliance in response to privacy concerns after Facebook’s Cambridge Analytica scandal. However, Instagram sent the passwords of users in plain text via the tool.

Facebook’s servers also store Instagram passwords because of the partnership between the two social network platforms. The exposed passwords have now been deleted from Facebook’s database.

Instagram announced late last week that the tool had been fixed and explained to the platform users that the company would take better care of their data privacy moving forward.

Instagram also instructed users to update their passwords and clear their browser history to delete saved passwords. Instagram sent a tweet on November 20 about the trouble that some people are having accessing Instagram. The tweet also gave users assurances the issue will be resolved as quickly as possible.

2018 has seen several other privacy breaches involving large multinational Internet and social media firms such as Facebook, Google, Twitter, and Microsoft Office. The implications of breaches such as those experienced by these firms are considerable. Financial penalties, according to the GDPR, can be as high as €20 million or 4% of yearly global turnover – whichever amount is greater.